DMARC adoption

[Asha'man X]

Hi everyone,

After moving my school's domain to Office 365 on the weekend and getting my head around SPF, DKIM and DMARC records, I began to see the benefit to all of it. Took a while, but I have my head mostly around it now I think.

I decided to randomly sample some SA sites to see if they had a DMARC record and most didn't. I find it interesting that only Standard Bank has a DMARC record and the other banks don't. Properly set up, DMARC records would help kill so much of the internet bank spam and phishing mails we get sent that use the local banks names.

I wonder when the banks will adopt the standard and save themselves some grief?

 

[neo_]

I only recently heard about it too after having switched over to O365 (which is awesome).

Interesting reading.

 

[neo_]

Actually curious about the IP sources for DMARC (added to the SPF record). What addresses would it be looking for? Not sure what would be used...

 

[Asha'man X]

Actually curious about the IP sources for DMARC (added to the SPF record). What addresses would it be looking for? Not sure what would be used...

As I understand it, DMARC doesn't do any work with IP's. Essentially, it tells a recipient mail server what to do if your mail fails SPF and/or DKIM checks. As I understand it, while those 2 records validate mail, they don't actually tell the recipient server what to do when a mail fails the record, so the server takes a best guess on what to do. With a DMARC record in place, the recipient server can actually find out what to do exactly, no guessing involved.

EDIT: I actually read that report from the US FTC a few days ago. Bit sad to see that adoption is still low, but it does look like it's going to be increasing at a faster pace. Hope the SA banks take note, it will make life easier for all of us!